According to a report this week from cryptocurrency market tracker CryptoRank, DeFi platforms have suffered 121 hacks so far this year, resulting in roughly $942 million in losses.
The second quarter saw 85 incidents and the theft of approximately $775 million, making it the most active period ever for vulnerabilities in the cryptocurrency sector.
This increase in attacks comes against the backdrop of the struggle in the cryptocurrency market, which is characterized by weak investor confidence. The total value locked (TVL) in DeFi protocols has declined every month this year, falling from about $115 billion in January to $70 billion in late June.
Drift Protocol, KelpDAO Exploits High Q2 Losses
According to CryptoRank data, the second quarter of 2026 is 85 Accidents 49 times more than the period with the second-highest frequency of exploits, which happened to be Q1 2026. However, the total dollar-denominated losses were not as high as the previous peak, as the data provider reported two consecutive attacks in April It has been calculated For the majority of losses recorded in this quarter.
Drift Protocol and KelpDAO lost a total of $590 million, which is more than half of all DeFi losses recorded in 2026. Drift Protocol revealed that attackers stole around $285 million of user assets, with investigations by blockchain intelligence firm TRM Labs linking the operation to North Korea-linked hacking groups.
According to TRM, preparations for the on-chain attack began as early as March 11 with the withdrawal of 10 ETH from Tornado Cash. The cryptocurrency deal came after months of in-person meetings between Pyongyang agents and Drift employees.
“The attacker used social engineering to induce multiple signatories on the Drift Security Council to pre-sign transactions that appeared routine but carried hidden authorizations for important administrative actions.” books In a report published on April 30.
Just over two weeks later, North Korea’s Lazarus Group exploited the liquid recovery protocol in KelpDAO’s LayerZero bridge infrastructure and… to steal Nearly $290 million worth of rsETH.
Chainalysis reported at the time that the attackers forged a cross-chain message on April 18 afterward Bargaining Two RPC nodes used by LayerZero’s decentralized verification network. Meanwhile, the criminals hit a third node with a distributed denial-of-service attack, causing the system to use compromised verification tools.
The verification process has been manipulated to allow the creation of rsETH tokens on Ethereum without burning the corresponding assets on Unichain. Within days of the attack, Aave’s TVL lending protocol dropped from $26.4 billion to $14.3 billion, recording $12 billion in withdrawn funds, a decline of about 46%.
Breakouts were one problem; It was another shrinking market
Aave’s TVL decline was not unique, as CryptoRank data showed the value locked across all DeFi declined each month in 2026, rising from $115.3 billion in January to just over $70 billion in June. Although hacks were not the main reason behind this decreaseThe company noted that repeat incidents would likely make users less confident, leading to a broader rotation away from the sector.
But the decline was not as bad as what happened in the 2021-2022 cycle when DeFi TVL fell by more than 70% in seven months. The current decline has been much slower, and the market has also been structurally different, CryptoQuant says, with the supply of stablecoins growing to around $300 billion, real-world asset tokenization expanding, and capital being distributed across more sectors such as derivatives, infrastructure and lending, rather than concentrated in a handful of AMMs and yield farms.
However, among the largest ecosystems by TVL, only Tron and Hyperliquid managed to grow this year, with the former gaining 5% and the latter adding nearly 7% as it became the dominant place for perpetual on-chain products. The rest of the top 10 chains are in the deep red, with the hardest hit chains being Plasma and Arbitrum, which have so far seen TVL decline by 74.6% and 55% respectively.
this post Report: The second quarter of 2026 has become the worst quarter ever for cryptocurrency hacks appeared first on CryptoPotato.
